CVE-2005-3269 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Sun	Java System Directory Proxy Server	5.2
Sun	Java System Directory Server	5.2
Sun	One Administration Server	5.2
Sun	One Directory Server	4.16

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2005-3269?

CVE-2005-3269 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate S...

How severe is CVE-2005-3269?

CVE-2005-3269 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-3269?

Check the references section above for vendor advisories and patch information. Affected products include: Sun Java System Directory Proxy Server, Sun Java System Directory Server, Sun One Administration Server, Sun One Directory Server.